Lucene search
HistorySep 20, 2007 - 9:17 p.m.
CVE-2007-5009
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.117
Percentile
95.3%
PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.53, and 1.53a before 20070922, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Affected configurations
Node
phpbb2phpbb2_plusMatch1.53
ORphpbb2phpbb2_plusMatch1.53a
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpbb2 | phpbb2_plus | 1.53 | cpe:2.3:a:phpbb2:phpbb2_plus:1.53:*:*:*:*:*:*:* |
| phpbb2 | phpbb2_plus | 1.53a | cpe:2.3:a:phpbb2:phpbb2_plus:1.53a:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2007-5009
2007-09-20 21:17:00
CVE-2007-5100
2007-09-26 22:17:00
prion
prion
Remote file inclusion
2007-09-20 21:17:00
Remote file inclusion
2007-09-26 22:17:00
cvelist
cvelist
CVE-2007-5009
2007-09-20 21:00:00
CVE-2007-5100
2007-09-26 22:00:00
canvas
canvas
Immunity Canvas: PHPBBPLUS_INCLUDE
2007-09-20 21:17:00
exploitdb
exploitdb
phpBB Plus 1.53 - 'phpbb_root_path' Remote File Inclusion
2007-09-20 00:00:00
nvd
nvd
CVE-2007-5100
2007-09-26 22:17:00
nessus
nessus
phpBB Multiple Module phpbb_root_path Parameter Remote File Inclusion
2006-05-04 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.117
Percentile
95.3%
Related for NVD:CVE-2007-5009